Anti-Virus for Mac OSX

[ Edited ]

There have many posts recently asking if Comcast provides a free anti-virus solution comparable to the McAfee product available for Windows users. They do not (actually, McAfee makes only the Windows product available to Comcast users). Apple used to make McAfee’s Virex available as part of .Mac, but concerns about the product’s stability, its detrimental effect on machines on which it was installed, and the fact that there are no viruses which affect OSX lead to Apple ending the offering of Virex to its users.

Besides Virex, there are other commercially available AV products for the Mac including Norton AV, Sophos Anti-Virus, and Intego’s Virus Barrier. However, the AV solution that is a favorite among many Mac users can be had for free. ClamXav is a free virus checker which makes use of the open source ClamX engine. So why use an AV program if there are no OSX viruses?

We all get email from Windows users, and some of those emails contain attachments. While an infected attachment can’t harm a computer running OSX, passing that attachment on to another Windows user can infect that recipient. And there’s always the possibility that your next download will contain the first OSX virus, so Mac users shouldn’t be too complacent. Let’s take a quick look at setting up ClamXav and having it scan your downloads and incoming mail.

First, you’ll need to download the ClamXav disk image. When complete, the disk image should automatically mount, if not, double click the ClamXav.dmg file on your Desktop (or wherever your Downloads folder exists). The contents of the disk image is the ClamXav application. You’ll also see an alias of your Applications folder. To install, simply drag the ClamXav application icon onto the Applications alias. When ClamXav is copied to the Applications folder on your HD, you should then eject the disk image, and discard the ClamXav.dmg file. Now, go to /Applications and double-click ClamXav to start the program.

On first launch, ClamXav will need to install its engine. Just follow the instructions of the installer. When complete, you’ll need to relaunch ClamXav. Once open, click ClamXav in the menu bar and choose Preferences. In the resulting window, click the Preferences button. While you can set this up any way you like, I’ll give you my recommendations.

In the General tab, the only boxes I would click are “Scan email files” and “Alert on virus detection”. Do not quarantine files if you scan your email (as I recommend). Next, click the Internet tab. I recommend clicking the bottom 3 boxes. Most of us need not worry about proxies. Now we’ll skip Schedule for a moment and go to the Folder Sentry tab. This is where you choose which folders to watch; simply drag the desired folders into the box (it helps to open a Finder window here). You definitely want to watch your Desktop folder, especially if this is where you download files. I also like to watch /Applications. To protect your incoming mail, scan the Messages folder for each of your email accounts. Using a Comcast email account for an example, the Messages folder will be located in ~/Library/Mail/POP-user_name@mail.comcast.net/INBOX.mbox. Remember to drop the Messages folder for each of your email accounts into the “Folders Being Watched” box. Once you’ve chosen which folders to scan, click the “Save Settings and Launch ClamXav Sentry” button. You’ll notice an icon appear in your menu bar; this alerts you that ClamXav is on the job. While still in the Folder Sentry tab, click the “Launch ClamXav Sentry when you log in to this computer” box. I recommend not scanning inserted disks, this can be very time consuming if you use external hard drives. Also, do not delete infected files unless you like to lose email.

Last, let’s take a look at the Schedule tab. You’ll need to click the lock and authenticate as this sets a system level cron task. Here is where you schedule virus updates. Click the Update tab and set the sliders for a time when your machine is always running. I recommend daily virus updates. In the Scan tab, you can set a full system scan. I find this unnecessary and never use it. When finished, click the “Save Schedule Settings” then click OK. ClamXav is now set up and keeping you protected from the inevitable. You can now quit ClamXav. If you activated Folder Sentry earlier in the instructions, it will continue to run, and will be active whenever you login to your machine.

If you’d like to do a manual scan, say a first-time one-time complete system scan, click the “Choose What to scan…” button, choose Macintosh HD, or your Home folder, or even an external drive, click Open, then click the “Start Scan” button. If a suspicious file is found, an alert will sound, and ClamXav will show you the location of that file. You can then decide whether or not to delete the file. You may want to do this when you’re going to be away from your machine for a while, say before going to bed, as a large scan of this type is fairly processor-intensive and time consuming. Scanning my Home folder on a MacBook Pro 2.0GHz Core Duo with 2GB RAM used between 66%-95% of one core. And always remember, if you use open-source software, please consider supporting the developer financially. While the product is free, there are hosting and bandwidth costs to consider. Ensure that excellent products like ClamXav remain available, supported, and free.

Re: Anti-Virus for Mac OSX

I'm using Intego's Internet Security BarrierX4 AntiSpam Edition, and it's great. It's under a hundred bucksand it protects the Mac very well. Personally, I think Comcast should provide a solution for Macs out ofcourtesy, but, who am I to question Comcast. I used the ClamX anti virus program for a while and it works well. However, the commercial applications arebetter at finding and quarantining any viruses. The intego suite also has a spyware portion that completes anall around protection scheme for the Mac.

Re: Anti-Virus for Mac OSX

Hi Joel-I own a MacBook. I had an issue the other day where FileVault locked me out. When I called up techsupport, they tried numerous ways of resetting my password and hint, which would visibly take, but not actually work. I had to reinstall everything back to factory settings and lost a lot, even though I was given the option to archive what I could. It didn't save much. I just wanted to know if you know anything about recovering lost software and the like, after a tragedy like this.I also was wondering if I need antivirus, because I looked into your suggestion of downloading ClamX - but on the page it suggested not downloading it due to some of Apple's programs in regard to security.

Also, after this incident, my computer seems to be a little slow, and I was wondering if you could offer a few ways that I can check why this is so. Thanks - C77s

Re: Anti-Virus for Mac OSX

C77S wrote: Hi Joel-I own a MacBook. I had an issue the other day where FileVault locked me out. When I called up techsupport, they tried numerous ways of resetting my password and hint, which would visibly take, but not actually work. I had to reinstall everything back to factory settings and lost a lot, even though I was given the option to archive what I could. It didn't save much. I just wanted to know if you know anything about recovering lost software and the like, after a tragedy like this.I also was wondering if I need antivirus, because I looked into your suggestion of downloading ClamX - but on the page it suggested not downloading it due to some of Apple's programs in regard to security.

Also, after this incident, my computer seems to be a little slow, and I was wondering if you could offer a few ways that I can check why this is so. Thanks - C77s

Unfortunately, this is an example of why it is so important to do regular back-ups (OSX 10.5 Leopard is going to make this really easy for us). In the meantime, .Mac users have a program called Backup that allows backing up to your .Mac online storage or to other medium like an external hard drive or CD/DVD disc. Retrospect is another popular backup program, there are many others as well. So many of us are lulled into a sense of security because our Macs are so dependable that we don't ever worry about the need to backup, until the inevitable happens.

If your lost data is REALLY important, there are data recovery services that get paid a premium for their expertise. Makes the cost of a good backup program seem pretty cheap.

As for ClamXav, as long as it's set up properly (I think I describe how above), there should be no issues or conflicts on your system. For example, you don't want Clam to automatically quarantine or remove your mailbox if it gets a hit, thereby losing your mail. Does a Mac user NEED an AV program at this time? Probably not (although I have been alerted to phishing attempts in my email because of ClamXav). When deciding what programs to use or what not to use, think about how YOU use your machine, then make good common-sense decisions based on whether or not you need to do certain things like; use file vault, an AV program, make encrypted backups, use a software firewall vs. router with NAT, etc. Everybody's situation is different, know your situation, know your choices, and use common sense when making final decisions.

I'm on my back for 3 days after a minor back surgery today, so my input in the discussions here over the next few days may be few and far between. I'll try and peek in when I get a chance (I can sit for no more than 15 minutes at a time).

Re: Anti-Virus for Mac OSX

Another option though it is to late for this person was to use the restore disks supplied with the macbook and reset the system administrator password, many times the reason filevault locks you out is because of to many attempts at entering the wrong password for logging in.

Next time just hold down the "C" key while the Mac OS X install disk 1 is in the CD/DVD drive and while it is starting up it will boot to the restore disks and allow you under utilities to reset your system password, this will not cause you to lose any of your data or programs.

Re: Anti-Virus for Mac OSX

Joel, I had been using this for a long time, and it always worked great. But, the other day, it almost hosed my Mac. I accidentally put my Mac to sleep while it was updating, and when I woke my Mac up the next morning, things weren't so well. The system had basically frozen and the Airport card wouldn't turn on. It wouldn't even shutdown. I had to do a hard shutdown. Then my Mac wouldn't boot correctly unless it was in Safe Mode. A normal boot caused it to freeze again. So, I uninstalled ClamXAV in Safe Mode and removed the engine and such, and then my Mac booted fine with no problems. So, needless to say, I won't be using it anymore.

Re: Anti-Virus for Mac OSX

As per always....I see a new McAfee offering (along with all the other "free" things Comcast offers....Windows users. I feel like I am gettng hosed on my usage of this product. I have never seen anything offered for Mac. Go figure.

Re: Anti-Virus for Mac OSX

If you had a Windows machine and actually tried any of that stuff they "give" away, you wouldn't feel so bad. Besides, how many people sign up for internet service because of the AV package they give away?

Re: Anti-Virus for Mac OSX

Joel wrote:If you had a Windows machine and actually tried any of that stuff they "give" away, you wouldn't feel so bad. Besides, how many people sign up for internet service because of the AV package they give away?

Exactly!!! (BTW other providers products are no better, and in many cases even worse...)

Re: Anti-Virus for Mac OSX

Was at MacWorld Expo SF a few weeks ago and spoke with the McAfee rep at their booth. I asked about this comcast situation and was told that the McAfee enterprise AV would work similarly to the AV for windows product that comcast currently offers their windows customers. When I asked why this hasn't been deployed for the Macintosh users, I was referred to comcast.

Re: Anti-Virus for Mac OSX

Hello Joel, hope this gets to you, good to see someone here that knows Macs.

A few weeks ago Comcast shut down my email, said my 'PC' had a virus and was sending out spam. Of course they directed my to the free McAfee. Grrr. so I had to change all my email accounts to another port, got that done OK. thinking maybe there was a problem, although I doubted it, I got Norton and installed it (hadnt seen your recommendations) $50, ran a full scan - NO Virus!! surprise!!what was that all about?? now I am running slower, etc., with annoying scans trying to go, etc., but I will keep it in case.

Also, when I wanted to use the 'included' web pages available to ALL comcast users, it doesnt work with Mac, and support told me - sort of - that they dont really work with macs. Yeah, i agree we are getting hosed by Comcast.

Re: Anti-Virus for Mac OSX

sactowoman wrote:Hello Joel, hope this gets to you, good to see someone here that knows Macs.

A few weeks ago Comcast shut down my email, said my 'PC' had a virus and was sending out spam. Of course they directed my to the free McAfee. Grrr. so I had to change all my email accounts to another port, got that done OK. thinking maybe there was a problem, although I doubted it, I got Norton and installed it (hadnt seen your recommendations) $50, ran a full scan - NO Virus!! surprise!!what was that all about?? now I am running slower, etc., with annoying scans trying to go, etc., but I will keep it in case.

Also, when I wanted to use the 'included' web pages available to ALL comcast users, it doesnt work with Mac, and support told me - sort of - that they dont really work with macs. Yeah, i agree we are getting hosed by Comcast.

As another long-long Mac user, I suggest that you ask Comcast to reimburse you for the $50! My second suggestion is to delete MacAfee!sam

Re: Anti-Virus for Mac OSX

As yet another long-time Mac user (1989 with an SE) It'd be nice if you could get Comcast to refund the $$,but don't get your hopes up too high. (Even though they've never shown ANY of the Mac users whomthey've accused of being infected of sending spam or being infected.)

OTOH I've been using Norton for a number of years, even thought it's not found ANYTHING in OSX, ever.

It won't hurt you, and it's cheap enough for subscription costs.

If they up the cost much, I'll just drop it (and they know there're lost more like me).

CC seems to want everyone to switch Ports because some PC's using the original SMTP port are spam cannons,I guess they think it's easier to send "You're Infected, I've just cut you off without warning" notices than to figureout where the spam is really coming from.

They assure me that they know how many Mac users they have as customers, so they clearly could tell who the Mac usres are (by IP, at least)but that doesn't seen to correlate with their telling is to use the "Free" McAfee that's PC only.

OH Well, Rant Off

I'll go to Verizon when they emasculate my conventional cable service so much that I need a cable box. They keep sending memessages that they're upgrading my service by eliminating channels

Re: Anti-Virus for Mac OSX

[ Edited ]

They seem to be accusing a lot of Mac users of being infected lately, with what I don't know. I send a lot of outgoing mail to our local Mac User Group; I use my Gmail account to avoid being called on the carpet by Comcast, but I was still accused as well. Just change your outgoing (smtp) mail port to either 465 or 587 and enable SSL, and turn on Password Authentication (MD5 Challenge-Reponse will work too) in your Mac Mail application and everything should be OK. It still wouldn't hurt to use another service if you send to a large number of recipients (Comcast's residential service isn't exactly tailored to fit some of the needs of a small business, even a home-based one).

Re: Anti-Virus for Mac OSX

Hi Joel, thanks for the tips. CC was good in explaining how to reset to another port. A minor pain. But no explanation. However, I sometimes get spam mail, sent to other CC addresses, but it gets to me. So there is some slack on their end. I dont subscribe to the .Mac, since i dont need it. I have used Entourage (even tho its microsoft) since i have the Office package, for about 5 years and find it works well. Guess they have the hacker problem fixed now and things should work. xxx our fingers!Cheers and thanks!

Re: Anti-Virus for Mac OSX

Barmar wrote:They're not accusing Mac users of being infected, it's just a form letter. Since most spam comes from infected Windows PC's, that's the type of problem that the letter addresses.

The letter says, in part...

Dear Comcast Customer:ACTION REQUIRED: Comcast has determined that your computer(s) have been used to send unsolicited email ("spam"), which is generally an indicator of a virus. For your own protection and that of other Comcast customers, we have taken steps to prevent further transmission of spam from your computer(s).

They not only accused me, they disabled access to port 25 - without cause, and without warning.

Re: Anti-Virus for Mac OSX

Yep, thats the form letter. the point I had was that I very seriously doubt that there was any spam being sent from my Mac.They never verified anything, and calling them would be useless. I think some of the above theories are likely correct. Probably i got it because I sent group emails of over 50 people. I wouldn't think that should be a problem in 2008. Maybe a few years ago, but come on guys! Note the form letter says 'your PC'. yeah, Duh!

Re: Anti-Virus for Mac OSX

That letter confirms what I said. They didn't accuse you of being infected, they just said that sending spam is GENERALLY an indicator of being infected. There's a subtle difference. Furthermore, the alternative to this would be to accuse you of actually BEING a spammer, rather than an innocent victim, so they're giving you the benefit of the doubt (actually, it's pretty unlikely that you'd be a spammer, since spammers practically never send from their own machines).

My point is, for whatever reason they've concluded that spam has been sent from your connection. It could be a false positive, it could be because someone hijacked your wireless. But once they've come to that conclusion, the most likely cause is a Windows PC having caught a virus, so that's what the email says. It's virtually impossible for a form letter like this to go into much detail, it just overwhelms and confuses most customers.

Re: Anti-Virus for Mac OSX

I'm sorry, I just can't agree- explicitly or passively (by not responding).

They said I (my line) Spammed.

I have not found a Comcast Mac user who has not (yet) gotten that bald, false, accusation.

I'd almost be willing to bet $1000.00 that they can not show ANY evidence of my spamming - They're irresponsibably broadcastingthese accusations with the concomitant unilateral denials-of-service.

OK, if they think I'm sending spam, how could that happen?

1. Some spammer's popping up somewhere on The Internet using "MY" IP address - believe me I'm on enough and I'd know if my stuff were going astray(Though Comcast does seem to have some "exposure" on the DNS front, it seems.)

(Spammers find it trivial to find a Windows box that can be hacked/toujan'd/compromised to send spam; nobody'd bother with any of the above.)

5. I had not noticed that I've been using a Windows PC whilst thinking my machine's a Mac. - Well, this is the most likely of the possibilities so far.(and NO, None of my Macs is Intel based, so I can't be running Windows on my Mac)

6. I was right, CC has NO evidence that Spam's been coming from me.

I understand that a form letter couldn't give details, all I ask is that they don't "prevaricate" about having seen spam from my connection, andsend these form letters ONLY to owners on whose connections they actually have seen spam.

Re: Anti-Virus for Mac OSX

So what do you think is happening? You think they're just randomly sending these emails to customers, whether or not they think they've spammed? Despite the fact that bigchris has specifically said that they don't do this?

It could be something as simple as someone mistakenly clicking on the "Report Spam" button on an email from you. For all we know, it just takes a single report like that for Comcast to block your port 25. This isn't considered a serious impediment to using the service, so they're trigger-happy on this.

Re: Anti-Virus for Mac OSX

Barmar wrote:So what do you think is happening? You think they're just randomly sending these emails to customers, whether or not they think they've spammed? Despite the fact that bigchris has specifically said that they don't do this?

It could be something as simple as someone mistakenly clicking on the "Report Spam" button on an email from you. For all we know, it just takes a single report like that for Comcast to block your port 25. This isn't considered a serious impediment to using the service, so they're trigger-happy on this.

Actually, I think it's not random, particularly as these "form letters" seem to come in bunches.

I think that someone sees (hears of) spam from some server and they scattershot these letters to everyone on that server who is using Port 25, and blow them all off the air. Yes, whether or not they've spammed

Others in town got the letters the same time as I.

No, I fully agree, indeed it is not even a minor impediment to using the service - a service that has proven quite reliable. What it does, is reinforce my opinion about CC's attitude towards their customers.

I still contend that there is no excuse for blocking service to users - who are known not to be spamming - without notice.

Bigchris also said he'd get on the Mac VS. Lithium issue - have heard nothing. ('though clearly fatherhood has infinitely higher priority!!)

Re: Anti-Virus for Mac OSX

Some points of clarification and response:

To Dr Duh

1) yes fatherly duties and them some young fellows who decided to mess with DNS got in the way of looking at the Lithium issue.

2) Comcast doesn't accuse 'you personally' of spamming in the email. What we state (as Barmar re-iterated) is spam being generated from your IP which could be caused by many things. Normally on a windows network, it's a virus. But in the past it's also been (but not limited to) visiting friends and relatives with their own compromised machines. It's also been that pesky 14 year old boy next door, upstairs, downstairs or somewhere close by that decided to see how easy would be to get on someone elses network, bringing with him his own set of nice little viri' from his surfing activities.

3) If we were accusing you personally of being a spammer, they'd likely be a knock on your door from some nice detectives, not just a port 25 block and a form letter.

4) It's a form letter and can't cater to all possibilities without becoming confusing to the average user including my Mum.

5) It was written or proofed by lawyers. Need I say more? <-- humor injection! ;-)

6) Just because we don't provide evidence doesn't mean we simply guessed at the IP or randomly selected you.

7) Blocking outbound spam from our platform benefits all our subscribers. We've reduced our ranking on various sites that track spam from a number 1 position last year to way down the rankings. The less spam generated the less lkely we are blocked from other ISPs and therefore more likely everyone's mail will be delivered.

Re: Anti-Virus for Mac OSX

bigchris wrote:

Some points of clarification and response:

To Dr Duh

1) yes fatherly duties and them some young fellows who decided to mess with DNS got in the way of looking at the Lithium issue.

2) Comcast doesn't accuse 'you personally' of spamming in the email. What we state (as Barmar re-iterated) is spam being generated from your IP which could be caused by many things. Normally on a windows network, it's a virus. But in the past it's also been (but not limited to) visiting friends and relatives with their own compromised machines. It's also been that pesky 14 year old boy next door, upstairs, downstairs or somewhere close by that decided to see how easy would be to get on someone elses network, bringing with him his own set of nice little viri' from his surfing activities.

3) If we were accusing you personally of being a spammer, they'd likely be a knock on your door from some nice detectives, not just a port 25 block and a form letter.

4) It's a form letter and can't cater to all possibilities without becoming confusing to the average user including my Mum.

5) It was written or proofed by lawyers. Need I say more? -- humor injection! ;-)

6) Just because we don't provide evidence doesn't mean we simply guessed at the IP or randomly selected you.

7) Blocking outbound spam from our platform benefits all our subscribers. We've reduced our ranking on various sites that track spam from a number 1 position last year to way down the rankings. The less spam generated the less lkely we are blocked from other ISPs and therefore more likely everyone's mail will be delivered.

I'll give $500 to your favorite charity if you can show any spam that can be traced to my IP (not clearly forged). (and show that the offending IP was assigned to me when the offense occurred; I don't actually keep track, since I had had my former IP address for several years )

Most of my post referred to the difficulty of actually generating from "My platform" (no visitors in the house, password protected platforms, secure wireless)

Anyhow, I believe I've made my point - I think CC either blew it or -- AHA? another possibility is that it was a dynamic IP reassignment issue.

In that case, I got nailed because of a former "owner" of the IP address I use at present. If this is the case, it's, I'm afraid, also egregious that CC didn't check to see who "owned the offending IP when the spam was generated. (I say egregious, because, not only is an innocent used accused of having a compromised platform, but the actual offender is likely happily still sending spam with impunity (with a different IP address).

Anyhow, I guess we've beaten this issue to death (and then some, sorry)

I reiterate, I enjoy these academic discussions, and still believe that CC's service meets my needs admirably, and still recommend you folks (except for one bad morning last month )

(I've got one of my domains registered with Network Solutions, do you suggest I switch that one to GoDaddy with my others )

Re: Anti-Virus for Mac OSX

[ Edited ]

I've written up a web page showing how to change the outgoing mail port using Mac OS X 10.5. Comcast's help has pictures for 10.4. I'm president of my local Apple user's group, and we'll include this info in our next newsletter.

Re: Anti-Virus for Mac OSX

DrDUH Wrote: I have not found a Comcast Mac user who has not (yet) gotten that bald, false, accusation.

You obviously haven't met me.. I've been using Macs since I first came online in 1999 and haven't seen a letter like that. In fact, I may be an anomaly, as I've not had anything but excellent service with Comcast. No complaints whatsoever. Now ATTBI and MediaOne were a bit pokey and God knows I went round endlessly with them..

Re: Anti-Virus for Mac OSX

foodandart wrote:DrDUH Wrote: I have not found a Comcast Mac user who has not (yet) gotten that bald, false, accusation.

You obviously haven't met me.. I've been using Macs since I first came online in 1999 and haven't seen a letter like that. In fact, I may be an anomaly, as I've not had anything but excellent service with Comcast. No complaints whatsoever. Now ATTBI and MediaOne were a bit pokey and God knows I went round endlessly with them..

Deb.

Sorry, I don't come here very often (boycotting until the Lithium forum software supports Safari)

As Barmar pointed out (by implication) the letters go only to users using Port 25 for their email - I'd guess tat you are not.

Regardless, as I've pointed out, I'm quite happy with Comcast, and have been for years. I pay them to connect me with The Internet, and pass all mail to my address, and with an occasional glitch, they do just that - and quite reliably.

There's been Verizon Fiber on my telephone pole for quite a while now, and I stick with Comcast.

Re: Anti-Virus for Mac OSX

I have also been a long time Mac user. There is a Trojan going around on the Mac which effects the Apple Remote Desktop, if you don't use it you don't have anything to worry about. I work at a Community College where I use ARD everyday. It was a hassle to get rid of the Trojan, but it was not dangerous by any means.

Re: Anti-Virus for Mac OSX

Joel I am sort of a computer dummy, so please excuse me asking this question below....I have iMac running OSX 10.5.4.....I got e-mail from Comcast that my out going mail was being blocked due to it sending hidden spam....I got that fixed by changing port for mail.

I installed Firefox and ClamXav per you suggestion below, but am having problem configuring the "folder security tab" on ClamXav...You say drag folders that I want scanned to that box, but I don't know where I find the folder list from which to drag them. Can you explain this in more detail for this computer novice

Re: Anti-Virus for Mac OSX

[ Edited ]

Fred,

Open a Finder window, and drag the desired folder from the Finder window into the ClamXav box. Really, the only folders you need to watch (after doing a one-time full scan) are probably the Downloads folder (if thats where all of your downloads are going) and your mail Messages folder as described in the first post (if you are using Mail as your default mail client). Be sure to schedule Clam to update definitions daily at a time when your machine is on.

Re: Anti-Virus for Mac OSX

Thanks Joel---Getting it slow, but sure. I could not find "/applications" folder that you suggested to scan. You don't mean everything in the applications folder so you? I found mac mail and comcast mail in my home location library under mail and dragged them to the box. I guess that was right......I dragged the entire desktop folder from my home location to the box too. Was that all correct? Where is that /applications?Thanks"Numpty" Fred

Re: Anti-Virus for Mac OSX

There's really no need to scan Applications if you are scanning anything new as it gets downloaded. If ~/Desktop is your default download location, then yes, scan that. Otherwise, I'd be scanning ~/Downloads ("~" is the Unix designation for your Home folder). Remember, doing a virus scan does use CPU cycles, and while Clam is a very stable program and efficient in its use of processor time, there still are at this point in time no OSX viruses, so there's no need to unnecessarily bog your machine down by doing more scans than needed.

Re: Anti-Virus for Mac OSX

Thanks Joel, Docpd, and Barmar------I figured it out. After changing e-mail ports, clamXav did find one trojan which I deleted. My Internet Cleanup had not detected it. I am glad that I installed the clamXav.

Re: Anti-Virus for Mac OSX

With the recent articles about Apple's "encouraging the use of AV software on OS X", it's possible this thread could be getting some increased attention. The way I see things, nothing's changed. There are still no OSX viruses in the wild. ClamXav was updated again just a couple of days ago, and I still highly recommend this free program to those of you who wish to run AV software on your Macs. Beside scanning for viruses (Clam detects Windows viruses too so you don't pass them along via email), Clam can also detect phishing attempts in your email messages (if you've got Clam set to scan your Inbox.mbox folders as described in the top post of this thread). Be careful though, because a bad header can make a legit commercial email appear to be a phishing attempt, so check any alerted messaged before deletion (voice of experience).

Macworld makes no mention of ClamXav among its recommendations, opting rather to push commercial offering such as Sophos, Norton, and Symantec. Remember, all three of these are paid sponsors of the magazine, so when making software decisions, rely more upon user recommendations and reviews from sites like MacUpdate, VT, MacFixIt, AppleInsider, and of course the Macintosh forum at comcast.net ;-)

Re: Anti-Virus for Mac OSX

I'm going to take a wait and see attitude for now. If Apple is going to recommend AV software, it won't be long before other AV vendors start offering a Mac OS X version and we have a decent choice of products.

Re: Anti-Virus for Mac OSX

This article from DailyTech was widely distrubuted via their RSS feed on Tuesday, Dec 2, 2008. So lots and lots people saw it, but the linked Apple KB note has been pulled as Barmar points out. I never read the Apple note so I have no idea what it said or how old it was, but since Apple pulled it, it souds to me like they don't think it was accurate or necessary. The DailyTech piece is still in place, however, with the broken link.

When
I purchased my Mac I was told getting a virus on a Mac is unlikely and
that I did not need protection. What do you recommend?

Calm and care.

By
calm I mean that the Windows world is so rife with viruses, adware,
spyware, and other varieties of malware, it’s a commonly held belief
that all computers are susceptible to these kinds of cooties
and one would be a fool to operate a computer without some kind of
prophylactic utility. This belief is manifest in Windows users who move
to the Mac and immediately purchase antivirus software in the belief
that it’s a necessary part of owning a computer.

And, on the Mac, it’s just not.

The
hedge for those of us in the recommendation business is that while
there may not be viable virus threats now, there could be one day. In
order for us to cover our respective patoots, we must follow up our
“Nah, you don’t really need antivirus software” suggestion with “—at
the moment, but someday you might” and then we weasel and waffle in
anticipation of the day when The Bad Thing Appears and the villagers
appear at our gates with blazing torches and the more rustic form of
pitchfork.

And by care I mean that it’s worth your while to
learn the difference between the various cooties that some people
too-broadly define as viruses. As in:

Virus
This is a program that earns its name by its ability to replicate
itself, locally and often across a network. Many viruses attach
themselves to other programs. When those programs are launched, the
virus code is launched as well and the virus goes about its nefarious
business.

Viruses are commonly found in the Windows world. Not
in the Mac world. Viruses are where we most often employ the “not now,
but maybe someday” antivirus weasel.

Trojan A Trojan (shortened from Trojan Horse)
is a kind of malware that promises one thing but delivers another. For
example, you’ve downloaded an application that promises to make you
rich, cure male-pattern baldness, and double the size of your ring
finger. When you run this miracle worker the contents of your computer
are, instead, beamed to an underground data center in Kamchatka.

The greatest risk in this scenario is the person operating the computer. If you obtain software from reliable sites such as VersionTracker and MacUpdate and resist the urge to open a file you receive in an anonymous email message, you’re unlikely to get one of these Trojans.

If
you’d like an extra measure of security should something rude find its
way onto your Mac, consider purchasing a copy of Objective
Development’s $30 Little Snitch.
This handy utility will alert you when an application attempts to send
information out from your Mac. You’re welcome to approve applications
that are doing the right thing and apply the hairy eyeball to
applications that appear to be up to no good.

And if you’re also concerned about incoming traffic, enable your Mac’s firewall (found in Leopard’s Security system preference).

Adware and spyware
Adware is software that has an embedded advertising component—one that
displays or downloads ads when you run the software. Some adware is
legitimate—part of the price of using a “free” application such as Twitterific or Eudora,
for example. Spyware is malware that grabs data from your computer and
often uses it for the purposes of evil—sending personal information to
a baddie or, when using your web browser, redirecting you to sites you
don’t want to visit.

In order for the worst forms of this kind
of malware to work, the operating system must allow unrestricted access
to its more sensitive parts. The Mac OS doesn’t and so adware and
spyware are not currently something for Mac users to worry about.

Phishing Like Trojans, phishing schemes—those schemes that trick you into
revealing personal and financial data—exploit the weakness of the
person sitting at the computer rather than the computer itself. These
are fraudulent offers or warnings that arrive via email or instant
message demanding that you provide credit card, social security,
password, or bank account information in order to maintain an account
or service or confirm a transaction.

For example, you receive a
message from your credit card company suggesting that you confirm your
username and password in order to continue using the bank’s online
services. Click the link that supposedly takes you to the bank’s
website and you’re presented with a webpage that looks exactly like the
real deal. But, of course, it isn’t. Provide the information they seek
and woe is you in the form of a drained bank account or massive credit
card bill.

To thwart phishing schemes all you need do is avoid
taking the bait. Banks, lending institutions, credit card companies,
auction sites such as eBay, online services, Internet service
providers… any reputable outfit that holds personal information never demands this kind of information in the form of an email message.

Ah, but what about Windows on a Mac?

A
lot of people are running Windows software on their Macs—either with
the help of Apple’s Boot Camp or through a virtualization product such
as VMware Fusion or Parallels Desktop for Mac.
Regardless of how you run Windows, the operating system you’re running
is the real deal and is just as susceptible to computer cooties as a PC
running Windows. In this case you would be a fool to skirt antivirus
software in the Windows environment.

So, do you need antivirus
and/or security software? I’ve chosen to do without it and I’ve yet to
regret that decision. But then I try to practice safe computing. If
you’re the kind of person who clicks questionable links and opens
suspect files without hesitation, leaves your network unprotected, and
uses “password” as your Administrator’s password, perhaps you could use
a little extra protection in your life.

Re: Anti-Virus for Mac OSX

The plain and simple answer is if you are running a Mac, simply hook it up to a cheap NAT router, either Hard-wired or not, and you'll be good to go. If you are running wireless, you should enable WAP security, at a minimum. If you have no neighbors within a quarter-mile, you don't even need that much security.

A Mac, either OS 8, 9, or X doesn't need any anti-virus protection and submission, period. Just a NAT router.

Re: Anti-Virus for Mac OSX

RichMedia wrote:

The plain and simple answer is if you are running a Mac, simply hook it up to a cheap NAT router, either Hard-wired or not, and you'll be good to go. If you are running wireless, you should enable WAP security, at a minimum. If you have no neighbors within a quarter-mile, you don't even need that much security.

A Mac, either OS 8, 9, or X doesn't need any anti-virus protection and submission, period. Just a NAT router.